Rewterz Threat Advisory – Multiple Microsoft Windows Products Vulnerabilities
October 12, 2023
Severity
High
Analysis Summary
CVE-2023-35349 CVSS:9.8
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the Message Queuing component. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-36557 CVSS:7.8
Microsoft Windows could allow a local attacker to execute arbitrary code on the system, caused by a flaw in the PrintHTML API. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-36590 CVSS:7.3
Microsoft Windows could allow a local authenticated attacker to execute arbitrary code on the system, caused by a flaw in the Message Queuing component. By executing a specially crafted program, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-36593 CVSS:7.8
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the Message Queuing component. By persuading a victim to open specially crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-36697 CVSS:6.8
Microsoft Windows could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw in the Message Queuing component. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-36713 CVSS:5.5
Microsoft Windows could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the Common Log File System Driver component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information from heap memory and use this information to launch further attacks against the affected system.
CVE-2023-41769 CVSS:8.1
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the Layer 2 Tunneling Protocol component. By winning a race condition, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-36435 CVSS:7.5
Microsoft Windows is vulnerable to a denial of service, caused by a flaw in the QUIC component. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-36571 CVSS:7.3
Microsoft Windows could allow a local authenticated attacker to execute arbitrary code on the system, caused by a flaw in the Message Queuing component. By executing a specially crafted program, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-36702 CVSS:7.8
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the DirectMusic component. By persuading a victim to open specially crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-36718 CVSS:7.8
Microsoft Windows could allow a local authenticated attacker to execute arbitrary code on the system, caused by a flaw in the Virtual Trusted Platform Module component. By using complex memory shaping techniques, an attacker could exploit this vulnerability to execute arbitrary code on the system and escape the virtual machine.
CVE-2023-38171 CVSS:7.5
Microsoft Windows is vulnerable to a denial of service, caused by a flaw in the QUIC component. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2023-36902 CVSS:7
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the Runtime component. By persuading a victim to execute a specially crafted program, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-65752 CVSS:7.8
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Kernel component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to obtain SYSTEM privileges.
CVE-2023-36712 CVSS:7.8
Microsoft Windows could allow a remote attacker to gain elevated privileges on the system, caused by a flaw in the Kernel component. By persuading a victim to open a specially crafted file, an authenticated attacker could exploit this vulnerability to obtain SYSTEM privileges.
CVE-2023-36707 CVSS:6.5
Microsoft Windows is vulnerable to a denial of service, caused by a flaw in the Deployment Services component. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2023-36721 CVSS:7
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Error Reporting Service component. By winning a race condition, an authenticated attacker could exploit this vulnerability to obtain SYSTEM privileges.
CVE-2023-36438 CVSS:7.5
Microsoft Windows could allow a remote attacker to obtain sensitive information, caused by a flaw in the TCP/IP component. By sending a specially crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVE-2023-36436 CVSS:7.8
Microsoft Windows could allow a local attacker to execute arbitrary code on the system, caused by a flaw in the MSHTML Platform component. By executing a specially crafted program, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-36743 CVSS:7.8
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Win32k component. By executing a specially crafted program, an attacker could exploit this vulnerability to escalate privileges.
CVE-2023-36589 CVSS:7.3
Microsoft Windows could allow a local authenticated attacker to execute arbitrary code on the system, caused by a flaw in the Message Queuing component. By executing a specially crafted program, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-36574 CVSS:7.3
Microsoft Windows could allow a local authenticated attacker to execute arbitrary code on the system, caused by a flaw in the Message Queuing component. By executing a specially crafted program, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-36594 CVSS:7.8
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Graphics component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to gain elevated privileges on the system.
CVE-2023-36582 CVSS:7.3
Microsoft Windows could allow a local authenticated attacker to execute arbitrary code on the system, caused by a flaw in the Message Queuing component. By executing a specially crafted program, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-36596 CVSS:6.5
Microsoft Windows could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in the Remote Procedure Call component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.
CVE-2023-36584 CVSS:5.4
Microsoft Windows could allow a remote attacker to bypass security restrictions, caused by a flaw in the Mark of the Web component. An attacker could exploit this vulnerability to bypass a security feature, with impact on integrity and availability.
CVE-2023-36717 CVSS:6.5
Microsoft Windows is vulnerable to a denial of service, caused by a flaw in the Virtual Trusted Platform Module. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to affect the functionality of the Hyper-V host.
CVE-2023-36720 CVSS:7.5
Microsoft Windows is vulnerable to a denial of service, caused by a flaw in the Mixed Reality Developer Tools component. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2023-36726 CVSS:7.8
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Internet Key Exchange (IKE) Extension component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to obtain SYSTEM privileges.
CVE-2023-36581 CVSS:7.5
Microsoft Windows is vulnerable to a denial of service, caused by a flaw in the Message Queuing component. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-36585 CVSS:7.5
Microsoft Windows is vulnerable to a denial of service, caused by a flaw in the Active Template Library component. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-36434 CVSS:9.8
Microsoft Windows could allow a remote attacker to gain elevated privileges on the system, caused by a flaw in the IIS Server. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.
CVE-2023-36578 CVSS:7.3
Microsoft Windows could allow a local authenticated attacker to execute arbitrary code on the system, caused by a flaw in the Message Queuing component. By executing a specially crafted program, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-36570 CVSS:7.3
Microsoft Windows could allow a local authenticated attacker to execute arbitrary code on the system, caused by a flaw in the Message Queuing component. By executing a specially crafted program, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-38159 CVSS:7
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Graphics component. By sending a specially crafted request, an attacker could exploit this vulnerability to escalate privileges.
CVE-2023-36592 CVSS:7.3
Microsoft Windows could allow a local authenticated attacker to execute arbitrary code on the system, caused by a flaw in the Message Queuing component. By persuading a victim to open specially crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-36606 CVSS:7.5
Microsoft Windows is vulnerable to a denial of service, caused by a flaw in the Message Queuing component. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2023-41770 CVSS:8.1
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the Layer 2 Tunneling Protocol component. By winning a race condition, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-36706 CVSS:6.5
Microsoft Windows could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in the Deployment Services component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.
CVE-2023-36724 CVSS:5.5
Microsoft Windows could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the Power Management Service component. By executing a specially crafted program, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.
CVE-2023-41767 CVSS:8.1
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the Layer 2 Tunneling Protocol component. By winning a race condition, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-36732 CVSS:7.8
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Win32k component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to obtain SYSTEM privileges.
CVE-2023-36709 CVSS:7.5
Microsoft Windows is vulnerable to a denial of service, caused by a flaw in the AllJoyn API component. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2023-41773 CVSS:8.1
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the Layer 2 Tunneling Protocol component. By winning a race condition, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Gain Access
- Information Theft
- Privilege Escalation
- Denial of Service
- Code Execution
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-35349
- CVE-2023-36557
- CVE-2023-36590
- CVE-2023-36593
- CVE-2023-36697
- CVE-2023-36713
- CVE-2023-41769
- CVE-2023-36435
- CVE-2023-36571
- CVE-2023-36702
- CVE-2023-36718
- CVE-2023-38171
- CVE-2023-36902
- CVE-2023-36725
- CVE-2023-36712
- CVE-2023-36707
- CVE-2023-36721
- CVE-2023-36438
- CVE-2023-36436
- CVE-2023-36743
- CVE-2023-36589
- CVE-2023-36574
- CVE-2023-36594
- CVE-2023-36582
- CVE-2023-36596
- CVE-2023-36584
- CVE-2023-37617
- CVE-2023-36720
- CVE-2023-36726
- CVE-2023-36581
- CVE-2023-36585
- CVE-2023-36434
- CVE-2023-36578
- CVE-2023-36570
- CVE-2023-38159
- CVE-2023-36592
- CVE-2023-36606
- CVE-2023-41770
- CVE-2023-36706
- CVE-2023-36724
- CVE-2023-41767
- CVE-2023-36732
- CVE-2023-36709
- CVE-2023-41773
Affected Vendors
Microsoft
Affected Products
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 R2
- Microsoft Windows Server 2016
- Microsoft Windows Server 2019
- Microsoft Windows 10 x64
- Microsoft Windows 10 x32
- Microsoft Windows 10 1809 for x64-based Systems
- Microsoft Windows 10 1809 for 32-bit Systems
- Microsoft Windows 10 1809 for ARM64-based Systems
- Microsoft Windows 10 1607 for 32-bit Systems
- Microsoft Windows 10 1607 for x64-based Systems
- Microsoft Windows Server (Server Core installation) 2019
- Microsoft Windows Server (Server Core installation) 2016
- Microsoft Windows Server (Server Core installation) 2012 R2
- Microsoft Windows Server (Server Core installation) 2012
- Microsoft Windows Server for X64-based systems 2008 R2 SP1
- Microsoft Windows Server for X64-based systems (Server Core installation) 2008 SP2
- Microsoft Windows Server for 32-bit systems (Server Core installation) 2008 SP2
- Microsoft Windows Server for 32-bit systems 2008 SP2
- Microsoft Windows Server for X64-based systems (Server Core installation) 2008 R2 SP1
- Microsoft Windows Server 2022
- Microsoft Windows Server (Server Core installation) 2022
- Microsoft Windows Server for X64-based systems 2008 SP2
- Microsoft Windows 10 21H2 for ARM64-based Systems
- Microsoft Windows 10 21H2 for x64-based Systems
- Microsoft Windows 11 22H2 for ARM64-based Systems
- Microsoft Windows 11 22H2 for x64-based Systems
- Microsoft Windows 10 22H2 for 32-bit Systems
- Microsoft Windows 10 22H2 for ARM64-based Systems
- Microsoft Windows 10 22H2 for x64-based Systems
- Microsoft Windows 11 21H2 for ARM64-based Systems
- Microsoft Windows 11 21H2 for x64-based Systems
- Microsoft .NET 7.0
- Microsoft Visual Studio 2022 17.2
- Microsoft Visual Studio 2022 17.6
- Microsoft Visual Studio 2022 17.7
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.